Multi-interface Host IP routing configuration

The campus network of our school is a node of the network of Teaching branch, opened two export, one is the education branch net export, one is the telecommunication net export. The choice strategy of network exit is: Visit the node in the free address list of the Education branch network to go to the branch network export, otherwise through the proxy server to walk the telecommunication net export. Since the interconnection of the network with the public network is not high enough, it is usually faster for users of the public network to visit the network than to visit the network. Some important servers for the public network we will consider setting up one more telecom network interface, so that these users can both teach the network and access from the telecommunications network.

In order to facilitate college users to purchase instruments and equipment, we have built a Web site with Windows 2000 Server in the campus network for auction equipment. After registering as a member of this website, the college members can put forward the request of the purchase equipment on the Internet, and the supplier members can bid on a certain equipment on the Internet for a period of time. With the increase in the volume of business, the scope of supplier membership is also expanding, a number of suppliers to the network outside the public network to visit the site always feel slow response, but also appear at a critical moment not even on the site. In view of this situation, we have opened a telecommunication network interface to this server, the topology structure is shown in Figure 1.

After installing more than one NIC for the server, configure the network card parameters according to the basic items on the network card properties: IP address, subnet mask, default gateway, DNS server, etc. When the server is configured, we ping over the intranet (campus network) gateway and extranet (telecommunications network) gateway, all show normal, that the configuration is no problem, and told the relevant users can be based on their own network to select access to the portal. To the server to add a connection to the telecommunications network, users on the public network can not go through the network can access. However, contrary to the past, there are still a lot of users to us to reflect access to equipment auction site is very slow, we feel that the network card has not played its due role.

Check the cause of the fault, first in the Intranet of other network segment of the host Ping the server intranet interface, is normal. Then ping some supplier members from the server node, most of the return request timed out information, as long as the connection to the network of other nodes, its connectivity is much worse. Use route Print to display the routing table. found that there are two default routes in the routing table, their next hop is intranet and extranet gateways (gateway), and the effective default gateway (Gate Gateway) at this point to the intranet gateway, we have seen the gateway to the extranet. No matter where the default gateway is pointing, a request package can come in from two interfaces, but its response package has only one exit, and it does not achieve where it comes from. Obviously the problem is in the configuration of IP routing.

Fig. 1 Campus Network boundary topology map

According to the definition of IP protocol, the network layer of the host is the way of forwarding packets from the source network to the destination network based on the IP routing table. Theoretically, the server's response package should be able to reach its destination from which interface, but because of the network and the public network connectivity is not ideal, but also because some nodes are not in the free address list of the Education branch network and related to the network of the tuition fee is the campus network of the border router filter out, resulting in some data packets back to the phenomenon.

The default route is used to indicate where the next hop is not explicitly listed in the routing table, so there should be only one valid default route in the routing table, and the valid default route is here, this is the default Gateway. A dual interface Master selects one of the default gateways in its routing table from the two network card gateway.

Packets are going to be determined not by the interface that the default gateway refers to, but by static routes. If a static routing table entry contains a destination network for the packet to be forwarded to the next address in the static route, it is forwarded to the next hop address referred to by the default gateway. Subscription equipment of the university members concentrated in the campus network, suppliers and more members in the public online, the scope of the intranet is clear, the extranet is facing the entire Internet. Obviously intranet does not need default Gateway, using several "route-p ADD Purpose Network MASK mask Intranet Gateway" command to configure the static routing table entry to all network segments within the campus network, where the parameter-P is used for system restart, the static routing table entry can still be maintained. The default gateway should point to the extranet gateway, so it is necessary to use the external network gateway as an external network network card, and then the gateway parameter on the intranet card is cleared off.

After testing, the results obtained from the campus network access to the server's intranet interface and from the network to access the external interface is normal, indicating that the site can be normal access to the Web, which basically reached the purpose of our more than one network card. However, after the routing table is so configured, if you want to access the intranet interface of the server from other branch network nodes outside the campus network, because the network segment of the node is not in the static routing table, the Default gateway will enable the response packet to be forwarded out from the extranet interface, then the other school users belonging to the network may will not be able to access the site effectively. The solution is to generate static routing table entries based on the full network address (https://www.nic.edu.cn/RS/ipstat/) published by the Education Network, under the action of this routing table, so that these school users can also visit the website directly, so that more users can enjoy the equipment competition The convenience of the price website.

Through the above analysis, we are clear, to have more than one network interface host to do the network card parameter configuration, the default gateway (gateway) to specify must be cautious, and then add the appropriate static route, only to calculate the host IP route configuration.